有没有办法如何使用Ansible mysql_user模块(或使用任何其他模块)授予MySQL管理权限?我想为用户设置SUPER
,RELOAD
和SHOW DATABASES
特权以及其他一些特定于数据库的特权。如何授予MySQL服务器管理权限(SUPER,RELOAD ...)与否?
继基本设置很适合我:
- name: Set user privileges
mysql_user:
user={{ mysql_user }}
password={{ mysql_password }}
state=present
priv={{ item }}
with_items:
- 'somedatabase.*:ALL'
- 'someotherdatabase.*:ALL'
...结果:
TASK: [db | Set user privileges]
**********************************************
ok: [dbuser] => (item=somedatabase.*:ALL)
ok: [dbuser] => (item=someotherdatabase.*:ALL)
以下设置口口声声说 “改变” 和特权都没有什么人们会预期:
- name: Set user privileges
mysql_user:
user={{ mysql_user }}
password={{ mysql_password }}
state=present
priv={{ item }}
with_items:
- '*.*:SUPER,RELOAD,SHOW\ DATABASES'
- 'somedatabase.*:ALL'
- 'someotherdatabase.*:ALL'
(重复)运行:
TASK: [db | Set user privileges]
**********************************************
changed: [dbuser] => (item=*.*:SUPER,RELOAD,SHOW\ DATABASES)
changed: [dbuser] => (item=somedatabase.*:ALL)
ok: [dbuser] => (item=someotherdatabase.*:ALL)
结果:
mysql> show grants for 'dbuser'@'localhost';
+---------------------------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'dbuser'@'localhost' IDENTIFIED BY PASSWORD '*2046D2DDAE359F311435E8B4D3776EFE13FB584C' |
| GRANT ALL PRIVILEGES ON `somedatabase`.* TO 'dbuser'@'localhost' |
| GRANT ALL PRIVILEGES ON `someotherdatabase`.* TO 'dbuser'@'localhost' |
+---------------------------------------------------------------------------------------------------------------+
3 rows in set (0.00 sec)
有谁知道如何:
- 设置
SUPER
,RELOAD
和SHOW DATABASE
管理。特权? - 使配置幂等?
感谢提'append_privs' – oblalex